Date: Sat, 13 Jun 1998 09:02:13 -0600 (MDT) From: Stephen Mathezer <mathezer@harbor.ab.ca> To: malte@webmore.com Cc: questions@FreeBSD.ORG Subject: RE: sendmail/dns/relaying question Message-ID: <Pine.SOL.3.96.980613085906.21002A-100000@gemini> In-Reply-To: <XFMail.980613122504.malte@webmore.com>
next in thread | previous in thread | raw e-mail | index | archive | help
You're probably right, a RAR on 123.123.123.123 gives fw.domain1.com. Which should be OK because that is what the machine thinks that it is. The problem I think is that when sending email to user@domain2.com, the MX lookup for domain2.com will return fw.domain2.com as an MX but the firewall doesn't know that it is also in domain2 since I don't know of any way to make a machine know it is part of two domains. So the firewall thinks something like: I am called fw.domain1.com the MXs for domain2.com are fw.domain2.com and real_mail_server.domain2.com, I am not an MX for domain2.com therefore I cannot relay..... -Steve On Sat, 13 Jun 1998 malte@webmore.com wrote: > Everything looks fine with your config, BUT the big question is: > What does a RAR on 123.123.123.123 give ? > > It seems here is your problem. > > Malte. > > On 12-Jun-98 Stephen Mathezer wrote: > > > > This isn't really FreeBSD specific but I'm hoping someone out there can > > help me with this. > > > > Suppose I have two domain names which cover the same set of IP addresses. > > > > eg: fw.domain1.com = 123.123.123.123 > > fw.domain2.com = 123.123.123.123 > > > > Now, I have a firewall which is relaying mail from the Internet to an > > internal mail server. > > > > I am trying to use the relay_based_on_MX feature in Sendmail 8.9.0 > > Neither domain1.com nor domain2.com is in sendmail.cw since I want to > > relay mail for these domains to an internal mail server. > > > > The internal DNS used by the firewall lists fw as the mail exchanger for > > the domain so things sort of work. > > > > Here is my problem > > > > I want to use the short form of the DNS tables. > > > > eg: > > db.both-domain looks like: > > > > @ IN SOA fw.domain1.com. me.domain1.com. ( > > .........) > > > > @ IN A 123.123.123.124 > > MX 10 real-mail-server > > MX 20 fw > > > > named.boot then looks like > > > > primary domain1.com db.both_domains > > primary domain2.com db.both_domains > > > > > > All machines have the same addresses in both domains the two domain stuff > > is simply so that our marketing folks can be happy with our fancy domain > > name and the rest of us can use the one we have always used. > > I really would rather not maintain two db files separately for the domains > > which is why I am using the short form and only using one file. > > > > The problem arrives when I try to send mail to user@domain2.com from the > > Internet. The relay_based_on_MX doesn't allow the relay because the > > firewall (which to the outside world is our primary MX) decides that it is > > not an MX for domain2.com since it knows that it's name is fw.domain1.com. > > > > So, is there a way that I can make my firewall realize that it is in both > > domains or is there a simpler way of going about this. The goal I am > > trying to acheive here is: > > > > 1- fw is the primary MX for domain1.com and domain2.com as far as the > > outside world is concerned. > > 2- fw does NOT deliver mail locally for either but rather forwards it to > > real_mail_server.domain1.com (acheived by using a different name server > > internally which lists a different set of MXs which do include fw) > > 3- I only need to maintain _1_ db file for both domains under DNS > > 4- I am a good neighbour and limit the spam I allow to pass through my > > system. > > > > Thanks for reading my long winded query I would appreciate any advice. > > > > -Steve > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > with "unsubscribe freebsd-questions" in the body of the message > > ---------------------------------- > E-Mail: malte@webmore.com > Date: 13-Jun-98 > Time: 12:24:56 > ---------------------------------- > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.SOL.3.96.980613085906.21002A-100000>